Fortify for GitHub

Supported Products

Fortify on Demand Scan

Integrate your Static Application Security Testing (SAST) into your GitHub workflow with Fortify on Demand. This GitHub Action sets up the Fortify on Demand (FoD) Uploader, also referred to as the FoD Universal CI Tool. The action:

  • Downloads and caches the specified version of the Fortify on Demand Uploader JAR file
  • Adds the FOD_UPLOAD_JAR environment variable containing the full path to the Fortify on Demand Uploader JAR file

Fortify ScanCentral Scan

Integrate Static Application Security Testing (SAST) into your GitHub workflows with Fortify. This GitHub Action sets up the Fortify ScanCentral Client. The action:

  • Downloads, extracts and caches the specified version of the Fortify ScanCentral Client zip file
  • Adds the Fortify ScanCentral Client bin-directory to the path

These are the most common use cases for this GitHub Action:

  • Start a SAST scan on a ScanCentral environment; note that the ScanCentral Controller must be accessible from the GitHub Runner where the workflow is running.
  • Start a scan on Fortify on Demand (FoD), using the ScanCentral Client for packaging only.

About GitHub

GitHub is a development platform used by developers to host and review code, manage projects, and build software.
